objc_msgSend() crash after VST plugin unload

Audio Plugins
1

Hi!

I have stable crash of a VST plugin in Reaper on deleting the plugin from a track if "Allow complete unload of VST plug-ins" is enabled. I think this crash is related with rare AU version crash in Logic on unload but I can reproduce this crash 100% so it's cool to investigate it.

The call stack is:


-----------
Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x000000010a95cae0
 
Application Specific Information:
objc_msgSend() selector name: didResignActiveFirstResponder
 
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   libobjc.A.dylib                0x00007fff94004259 objc_msgSend + 25
1   com.apple.AppKit               0x00007fff8e0da892 +[_NSAutomaticFocusRing setActiveFirstResponderChanged] + 261
2   com.apple.AppKit               0x00007fff8e0da719 ___NSPostActiveFirstResponderChanged_block_invoke_0 + 29
3   com.apple.CoreFoundation       0x00007fff964fa417 __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ + 23
4   com.apple.CoreFoundation       0x00007fff964fa381 __CFRunLoopDoObservers + 369
5   com.apple.CoreFoundation       0x00007fff964d57b8 __CFRunLoopRun + 728
6   com.apple.CoreFoundation       0x00007fff964d50e2 CFRunLoopRunSpecific + 290
7   com.apple.HIToolbox            0x00007fff8fc38eb4 RunCurrentEventLoopInMode + 209
8   com.apple.HIToolbox            0x00007fff8fc38b94 ReceiveNextEventCommon + 166
9   com.apple.HIToolbox            0x00007fff8fc38ae3 BlockUntilNextEventMatchingListInMode + 62
10  com.apple.AppKit               0x00007fff8e005533 _DPSNextEvent + 685
11  com.apple.AppKit               0x00007fff8e004df2 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 128
12  com.apple.AppKit               0x00007fff8dffc1a3 -[NSApplication run] + 517
13  com.apple.AppKit               0x00007fff8dfa0bd6 NSApplicationMain + 869
14  com.cockos.reaper              0x000000010001029c main + 28
15  com.cockos.reaper              0x0000000100010264 start + 52
==========
 
There were similar stacks seen on this forum. Some event handler in the plugin is called after unload of the module.

 

Okay, I have a plan:

1. I disable "Allow complete unload of VST plug-ins" option so the module is not to be unloaded

2. I set a breakpoint at ~JuceVSTWrapper

Now I have to answer 2 questions:

1. Which message handlers are called _after_ shutdownJuce_GUI()

2. Why do they called? It seems some message handlers weren't detached

 

Any help with question #1? How can I find, which message handlers can be called so I can catch them with breakpoints?

 

2

The crash happens if a popup menu from combobox or a tooltip was shown at least once. Maybe it's something related with their "popup" nature?

 

3

This kind of crash comes up a lot - it usually means that an NSWindow has been destroyed and then the host has unloaded the DLL without allowing the message loop to be run in between. Something in the OS still hangs on to a reference to the window, and calls a method on it after the plugin code has already been unloaded from memory, so obviously it'll crash.

This has been discussed many times and there's no safe workaround that the plugin can do - the only fix is for the host to add a short delay before unloading the DLL.

4

any chance to do a workaround from within a plugin?